Equifax reportedly hacked again, this tie with fake pop ups

Equifax continues to deal with previous massive data breach and now it might have another security problem on its hands.

Author:
CBS , WTSP

Published:
1:40 PM EDT October 12, 2017

CBS Local — It’s happened again. According to reports, credit monitoring company Equifax has been the victim of another hack just one month after revealing 143 million Americans may have had their personal information stolen.

Independent security analyst Randy Abrams claims that the company’s website was compromised for several hours on Oct. 11 and was redirecting customers to a fake Adobe Flash update download. Abrams told tech reporters at Ars Technica that he discovered the hack while using Equifax to dispute his own credit report.

Once clicked, the phony Flash reportedly downloads adware onto the user’s computer that fills their internet browser with ads. The harmful tech, known as Adware.Eorezo, can not be detected by every antivirus provider and was allegedly encountered by Abrams three separate times.

A day after the suspected hack, multiple outlets are reporting that the malicious pop up has disappeared from Equifax’s website. Tech experts believe the credit monitoring firm may have discovered the hack on their own and removed the fake software however, Equifax did not respond to media requests for comment on the incident.

The embattled company remains under heavy scrutiny after waiting nearly four months to publicly announce that they had been hacked. Equifax established a website for Americans to check if their information may have been stolen and to enroll in free credit monitoring for a year. The latest claims reveal that after one of the largest data breaches ever, Equifax still may not have learned its lesson about providing proper security for its customers.

The latest reports of a hack also come on the heels of the Equifax signing a multi-million dollar deal with the IRS to assist with taxpayer and personal identity verification services.